Skip to content

Commit 1bc4d11

Browse files
vizzdoomvizzdoom
committed
New enumeration options added.
1 parent 96418a6 commit 1bc4d11

File tree

2 files changed

+108
-16
lines changed

2 files changed

+108
-16
lines changed

app.js

Lines changed: 34 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -481,13 +481,26 @@ class SQLMapGenerator {
481481
if (document.getElementById('parseErrors').checked) config['--parse-errors'] = true;
482482

483483
// Post-exploitation options
484+
if (document.getElementById('all').checked) config['--all'] = true;
485+
if (document.getElementById('banner').checked) config['--banner'] = true;
486+
if (document.getElementById('columns').checked) config['--columns'] = true;
487+
if (document.getElementById('comments').checked) config['--comments'] = true;
488+
if (document.getElementById('count').checked) config['--count'] = true;
484489
if (document.getElementById('currentUser').checked) config['--current-user'] = true;
485490
if (document.getElementById('currentDb').checked) config['--current-db'] = true;
486491
if (document.getElementById('dbs').checked) config['--dbs'] = true;
487-
if (document.getElementById('tables').checked) config['--tables'] = true;
488-
if (document.getElementById('columns').checked) config['--columns'] = true;
489-
if (document.getElementById('schema').checked) config['--schema'] = true;
492+
if (document.getElementById('dump').checked) config['--dump'] = true;
490493
if (document.getElementById('dumpAll').checked) config['--dump-all'] = true;
494+
if (document.getElementById('hostname').checked) config['--hostname'] = true;
495+
if (document.getElementById('isDba').checked) config['--is-dba'] = true;
496+
if (document.getElementById('passwords').checked) config['--passwords'] = true;
497+
if (document.getElementById('privileges').checked) config['--privileges'] = true;
498+
if (document.getElementById('roles').checked) config['--roles'] = true;
499+
if (document.getElementById('schema').checked) config['--schema'] = true;
500+
if (document.getElementById('search').checked) config['--search'] = true;
501+
if (document.getElementById('statements').checked) config['--statements'] = true;
502+
if (document.getElementById('tables').checked) config['--tables'] = true;
503+
if (document.getElementById('users').checked) config['--users'] = true;
491504

492505
const database = document.getElementById('database').value.trim();
493506
if (database) config['-D'] = database;
@@ -521,7 +534,8 @@ class SQLMapGenerator {
521534
'-p', '--skip', '--param-exclude', '--param-filter', '--level', '--risk', '--dbms', '--os',
522535
'--technique', '--invalid-bignum', '--invalid-logical', '--invalid-string', '--no-cast', '--no-escape', '--predict-output',
523536
'--batch', '-v', '-t', '--parse-errors', '--test-filter',
524-
'--current-user', '--current-db', '--dbs', '--tables', '--columns', '--schema', '--dump-all',
537+
'--all', '--banner', '--columns', '--comments', '--count', '--current-user', '--current-db', '--dbs', '--dump', '--dump-all',
538+
'--hostname', '--is-dba', '--passwords', '--privileges', '--roles', '--schema', '--search', '--statements', '--tables', '--users',
525539
'-D', '-T', '-C', '-o',
526540
'--tamper', '--prefix', '--suffix', '--csrf-token', '--csrf-url', '--second-url'
527541
];
@@ -830,13 +844,26 @@ class SQLMapGenerator {
830844
'-t': 'trafficFile',
831845
'--parse-errors': 'parseErrors',
832846
'--test-filter': 'testFilter',
847+
'--all': 'all',
848+
'--banner': 'banner',
849+
'--columns': 'columns',
850+
'--comments': 'comments',
851+
'--count': 'count',
833852
'--current-user': 'currentUser',
834853
'--current-db': 'currentDb',
835854
'--dbs': 'dbs',
836-
'--tables': 'tables',
837-
'--columns': 'columns',
838-
'--schema': 'schema',
855+
'--dump': 'dump',
839856
'--dump-all': 'dumpAll',
857+
'--hostname': 'hostname',
858+
'--is-dba': 'isDba',
859+
'--passwords': 'passwords',
860+
'--privileges': 'privileges',
861+
'--roles': 'roles',
862+
'--schema': 'schema',
863+
'--search': 'search',
864+
'--statements': 'statements',
865+
'--tables': 'tables',
866+
'--users': 'users',
840867
'-D': 'database',
841868
'-T': 'table',
842869
'-C': 'column',

index.html

Lines changed: 74 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -728,6 +728,31 @@ <h3>Attack Optimalization</h3>
728728
</div>
729729
<div class="checkbox-grid" title="These options can be used to enumerate the back-end database management system information, structure and data contained in the tables">
730730
<label class="form-label">ENUMERATION AND DATA EXFILTRATION</label>
731+
<label class="checkbox-label" title="Retrieve everything">
732+
<input type="checkbox" id="all">
733+
<span class="checkmark"></span>
734+
<span>--all</span>
735+
</label>
736+
<label class="checkbox-label" title="Retrieve DBMS banner">
737+
<input type="checkbox" id="banner">
738+
<span class="checkmark"></span>
739+
<span>--banner</span>
740+
</label>
741+
<label class="checkbox-label" title="Enumerate DBMS database table columns">
742+
<input type="checkbox" id="columns">
743+
<span class="checkmark"></span>
744+
<span>--columns</span>
745+
</label>
746+
<label class="checkbox-label" title="Enumerate DBMS database table columns">
747+
<input type="checkbox" id="comments">
748+
<span class="checkmark"></span>
749+
<span>--comments</span>
750+
</label>
751+
<label class="checkbox-label" title="Enumerate DBMS database table columns">
752+
<input type="checkbox" id="count">
753+
<span class="checkmark"></span>
754+
<span>--count</span>
755+
</label>
731756
<label class="checkbox-label" title="Retrieve DBMS current user">
732757
<input type="checkbox" id="currentUser">
733758
<span class="checkmark"></span>
@@ -742,26 +767,66 @@ <h3>Attack Optimalization</h3>
742767
<input type="checkbox" id="dbs">
743768
<span class="checkmark"></span>
744769
<span>--dbs</span>
770+
</label>
771+
<label class="checkbox-label" title="Dump all DBMS databases tables entries">
772+
<input type="checkbox" id="dump">
773+
<span class="checkmark"></span>
774+
<span>--dump</span>
775+
</label>
776+
<label class="checkbox-label" title="Dump all DBMS databases tables entries">
777+
<input type="checkbox" id="dumpAll">
778+
<span class="checkmark"></span>
779+
<span>--dump-all</span>
780+
</label>
781+
<label class="checkbox-label" title="Retrieve DBMS server hostname">
782+
<input type="checkbox" id="hostname">
783+
<span class="checkmark"></span>
784+
<span>--hostname</span>
745785
</label>
746-
<label class="checkbox-label" title="Enumerate DBMS database tables">
747-
<input type="checkbox" id="tables">
786+
<label class="checkbox-label" title="Detect if the DBMS current user is DBA">
787+
<input type="checkbox" id="isDba">
748788
<span class="checkmark"></span>
749-
<span>--tables</span>
789+
<span>--is-dba</span>
750790
</label>
751-
<label class="checkbox-label" title="Enumerate DBMS database table columns">
752-
<input type="checkbox" id="columns">
791+
<label class="checkbox-label" title="Enumerate DBMS users password hashes">
792+
<input type="checkbox" id="passwords">
753793
<span class="checkmark"></span>
754-
<span>--columns</span>
794+
<span>--passwords</span>
795+
</label>
796+
<label class="checkbox-label" title="Enumerate DBMS users privileges">
797+
<input type="checkbox" id="privileges">
798+
<span class="checkmark"></span>
799+
<span>--privileges</span>
800+
</label>
801+
<label class="checkbox-label" title="Enumerate DBMS users roles">
802+
<input type="checkbox" id="roles">
803+
<span class="checkmark"></span>
804+
<span>--roles</span>
755805
</label>
756806
<label class="checkbox-label" title="Enumerate DBMS schema">
757807
<input type="checkbox" id="schema">
758808
<span class="checkmark"></span>
759809
<span>--schema</span>
760810
</label>
761-
<label class="checkbox-label" title="Dump all DBMS databases tables entries">
762-
<input type="checkbox" id="dumpAll">
811+
<label class="checkbox-label" title="Search column(s), table(s) and/or database name(s)">
812+
<input type="checkbox" id="search">
763813
<span class="checkmark"></span>
764-
<span>--dump-all</span>
814+
<span>--search</span>
815+
</label>
816+
<label class="checkbox-label" title="Retrieve SQL statements being run on DBMS">
817+
<input type="checkbox" id="statements">
818+
<span class="checkmark"></span>
819+
<span>--statements</span>
820+
</label>
821+
<label class="checkbox-label" title="Retrieve SQL statements being run on DBMS">
822+
<input type="checkbox" id="tables">
823+
<span class="checkmark"></span>
824+
<span>--tables</span>
825+
</label>
826+
<label class="checkbox-label" title="Enumerate DBMS users">
827+
<input type="checkbox" id="users">
828+
<span class="checkmark"></span>
829+
<span>--users</span>
765830
</label>
766831
</div>
767832
</div>

0 commit comments

Comments
 (0)